Skip to content

Instantly share code, notes, and snippets.

@sleistner

sleistner/assume-role-direnv.sh

Created July 18, 2019 10:35
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save sleistner/97e6d81c17af4351bc14472dfd4d7e4b to your computer and use it in GitHub Desktop.
Save sleistner/97e6d81c17af4351bc14472dfd4d7e4b to your computer and use it in GitHub Desktop.
Download ZIP
Raw
assume-role-direnv.sh
#!/usr/bin/env bash
SESSION_NAME=run
AWS_REGION=eu-west-1
POSITIONAL=()
while [[ $# -gt 0 ]]; do
key="$1"
case $key in
--role-arn)
AWS_ROLE_ARN="$2"
shift # past argument
shift # past value
;;
--profile)
AWS_PROFILE="$2"
shift # past argument
shift # past value
;;
--serial-number)
AWS_SERIAL_NUMBER="$2"
shift # past argument
shift # past value
;;
--region)
AWS_REGION="$2"
shift # past argument
shift # past argument
;;
--session-name)
SESSION_NAME="$2"
shift # past argument
shift # past argument
;;
--token-code)
TOKEN_CODE="$2"
shift # past argument
shift # past argument
;;
*) # unknown option
POSITIONAL+=("$1") # save it in an array for later
shift # past argument
;;
esac
done
set -- "${POSITIONAL[@]}" # restore positional parameters
credentials=$(
aws sts assume-role \
--role-arn $AWS_ROLE_ARN \
--profile $AWS_PROFILE \
--role-session-name $SESSION_NAME \
--serial-number $AWS_SERIAL_NUMBER \
--token-code $TOKEN_CODE \
--query 'Credentials.{AKI:AccessKeyId,SAK:SecretAccessKey,ST:SessionToken}' \
--output text
)
echo export AWS_ACCESS_KEY_ID=$(echo ${credentials} | awk '{print $1}') >.envrc
echo export AWS_SECRET_ACCESS_KEY=$(echo ${credentials} | awk '{print $2}') >>.envrc
echo export AWS_SESSION_TOKEN=$(echo ${credentials} | awk '{print $3}') >>.envrc
echo export AWS_DEFAULT_REGION=$AWS_REGION >>.envrc
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment